Information document Article 13 EU Reg. 2016/679- GDPR
Gruppoinvest D’Amico Sas with headquarters in Via Ceglie, 15/17- 72014 Cisternino (BR), P.Iva 02083250742 in the person of its legal representative, (hereinafter, “Owner”), as data controller, informs you pursuant to art. 13 of Legislative Decree no. 196 of 30.6.2003 (hereinafter, “Privacy Code”) and art. 13 of EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the manner and for the following purposes:
1. Object of treatment
The Data Controller processes the personal identification data (e.g. name, surname, company name, address, telephone number, e-mail address, bank and payment details) – hereinafter, “personal data” or even “data” – communicated by you when concluding contracts for the services of the Data Controller.
The data deriving from the web service may be communicated to the technological and instrumental partners that the Data Controller uses to provide the services requested by the visiting users. The personal data provided by visitors who request dispatch of informative material (requests for information, answers to questions, etc..) or other communications are used only to perform the service or provision requested and are communicated to third parties only where this is necessary for that purpose (provision of services requested through the technological and instrumental partner). The Data Controller may use the services of persons in charge of the processing. The Regulation imposes on the data processor, but also on the Data Controller, the obligation to keep the documentation of all processing operations carried out under his own responsibility. Conservation which, if referred to computer documents, obviously implies the necessary competences concerning the substitute conservation.
2. Purpose of treatment
Your personal data are processed:
A) without your express consent (art. 24 letter a), b), c) Privacy Code and art. 6 letter b), e) GDPR), for the following Service Purposes:
– conclude contracts for the services of the Owner;
– fulfil the pre-contractual, contractual and fiscal obligations deriving from the relationship with you;
– exercise the rights of the Holder, such as the right of defence in court;
B) Only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the Code)
GDPR), for the following Marketing Purposes:
– send you by e-mail, post and/or text message and/or telephone contact, newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller and survey the degree of satisfaction with the quality of services;
– send you by e-mail, post and/or text message and/or telephone contact commercial and/or promotional communications from third parties (e.g. business partners)
3. Methods of treatment
The processing of your personal data is carried out by means of the operations indicated in art. 4 no. 2) GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subject to both paper and electronic and/or automated processing.
The Owner will process personal data for the time necessary to fulfill the above purposes and in any case for no later than 5 years from the termination of the relationship for the Service Purposes and for no later than 2 years from the termination of the service, for the collection of data for the Marketing Purposes. Without prejudice to the provisions of the law for the storage of fiscal data.
Navigation data. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identified parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
These data are used only to obtain anonymous statistical information on the use of the site. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
Data provided voluntarily by the user. The optional, explicit and voluntary sending of electronic mail to any addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, and any other personal data included in the message.
If you have given your explicit and free consent, during the registration process, to request assistance and registration to the newsletter or during the use of our services, the above personal data may also be processed for the following additional purposes: sending newsletters and commercial notices, traditional marketing activities such as sending brochures, catalogs and / or technical mail with ordinary paper and telephone calls with operator, and even marketing activities with automated tools or assimilated such as: Fax, E-mail, SMS, MMS, Istant Messaging, Chat and phone calls without operator. In addition, online marketing activities, web marketing and web advertising. Market research and commercial profiling activities and finally, communication to third parties. The provision of personal data collected for the above purposes is optional.
Where necessary, the data may also be disclosed to third parties. The data obtained through authentication with third-party systems are intended to be given to this site through the explicit acceptance of the authentication service (o-auth).
4. Access to data
Your data may be made accessible for the purposes set out in points 2:
– to employees and collaborators of the Data Controller or of MBE companies in Italy and, in their capacity as persons in charge of and/or authorised by the data controller and/or system administrators;
– to third party companies or other subjects (by way of indication, for the provision of shipping and packaging services, postal services, etc.) that carry out activities in outsourcing on behalf of the Data Controller, in their capacity as external data processors.
5 Data communication
Without the need for express consent (art. 6 letter b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in point 2. These subjects will process the data in their capacity as independent data controllers.
Data transfer. The Data Controller does not transfer personal data to third countries or international organisations.
6. Nature of data provision and consequences of refusal to respond
The provision of data for the purposes referred to in point 2. In their absence, we can not guarantee the services provided by the owner.
The provision of data for the purposes referred to in Article. 2. You may therefore decide not to provide any data or subsequently deny the possibility of processing data already provided: in this case, you may not receive newsletters, commercial communications and advertising material relating to the Services offered by the Owner. However, you will continue to be entitled to the Services referred to in point 2.)
7. Rights of the data subject
In your capacity as an interested party, you have the rights where applicable referred to in Articles. 15 to 22 EU Regulation 2016/679 and more precisely: right of access, right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition, as well as the right of complaint to the Guarantor Authority.
8 Methods of exercising rights
You may at any time exercise your rights by sending an email to :firstname.lastname@example.org, or by written communication by registered mail with return receipt: to the Data Controller, in the person of the administrator, with registered office in Via Ceglie, 15/17- 72014 Cisternino (BR).
To exercise your rights you can use the form provided at the following link: https://www.damicogruppo.it/en/privacy-policy/
The owner assumes the responsibility to respond to the complaint made by the person concerned within 1 (one) month of the request, even in the event of refusal. Time limit extended up to 3 (three) months in cases of particular complexity.
9 Consent to treatment and minors
The interested party declares to have read the above information, with the communication of personal data freely given or otherwise collected during navigation, always carried out in respect of privacy in force, lends his consent to the processing, and therefore, “ticked” in the appropriate box expressly accepts the registration and processing of their data which will be based on the principles of correctness, lawfulness and transparency, in the manner described above.
Particular conditions are dictated by EU Regulation 679/ 2016 in the interest of children in Article 8, which clarifies that the processing of personal data of children under 16 – or, if provided for by the law of the Member States, of a lower age but not under 13 – is only lawful if and to the extent that such consent is expressed or authorized by the holder of parental responsibility over the child. Therefore, behaviour adopted by children without the authorisation of those who are required to supervise them under their responsibility, first and foremost parents, are contrary to the provisions and cannot be considered the data controller responsible for having violated the law by circumventing the provisions in force.